package com.southwind.controller;

import com.southwind.common.ResultObj;
import com.southwind.shiro.ActiverUser;
import com.southwind.util.WebUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class RedirectController {

    @GetMapping("/{url}")
    public String url(@PathVariable("url") String url){
        if(url.equals("")) url = "index";
        return url;
    }

    @GetMapping("favicon.ico")
    @ResponseBody
    void returnNoFavicon() {
    }

    @PostMapping("/login")
    @ResponseBody
    public ResultObj login(String loginname, String password){
        Subject subject = SecurityUtils.getSubject();//Shiro 中表示当前用户的安全上下文，包含了用户的身份信息和权限信息。
        UsernamePasswordToken token = new UsernamePasswordToken(loginname,password);//创建认证令牌
        try {
            subject.login(token);//shiro
            ActiverUser activerUser = (ActiverUser) subject.getPrincipal();
            WebUtils.getSession().setAttribute("user", activerUser.getUser());
            return ResultObj.LOGIN_SUCCESS;
        } catch (UnknownAccountException e) {
            return ResultObj.LOGIN_ERROR_LOGINNAME;
        } catch (IncorrectCredentialsException e) {
            return ResultObj.LOGIN_ERROR_PASS;
        }
    }

    @GetMapping("/logout")
    public String logout(){//退出登录
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        return "login";
    }

}
